# Определяем пользователя, под которым работает nginx
user www-data;
# Определяем количество рабочих процессов автоматически
# Параметр auto поддерживается только начиная с версий 1.3.8 и 1.2.5.
worker_processes auto;
# Определяем, куда писать лог ошибок и уровень логирования
Valeriy Bratkevich vbratkev
vbratkev
/ nginx-conf-doc.md
Last active
October 17, 2016 16:48
vbratkev
/ nginx-tuning.md
Created
December 5, 2016 14:31
— forked from denji/nginx-tuning.md
NGINX tuning for best performance
For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.
Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.
You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
vbratkev
/ OpenVPN server: Firewall configuration.md
Last active
March 7, 2023 16:02
This step is recommended if you are running your server in the cloud, such as a droplet made on Digital Ocean. If this is the case, you need to secure the server for your safety as well as others to prevent aiding in DDoS attacks.
In addition to the risk of being an open resolver, your Web interface is also open to the world increasing the risk. So you will want to prevent ports 53 and 80, respectively, from being accessible from the public Internet.
It's recommended that you clear out your entire firewall so you have full control over it's setup. You have two options for setting up your firewall with your VPN.
vbratkev
/ keybase.md
Last active
August 29, 2018 12:48
I hereby claim:
- I am vbratkev on github.
- I am vbratkev (https://keybase.io/vbratkev) on keybase.
- I have a public key ASCSFy-uKC7O2tX4olYN4L8jSZ-i86Qov5ND2yukdQA1lAo
To claim this, I am signing this object:
vbratkev
/ cloud_metadata.txt
Created
October 6, 2018 10:38
— forked from BuffaloWill/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname |
vbratkev
/ tmux.conf
Created
November 21, 2018 14:28
— forked from rajanand02/tmux.conf
Tmux configurations with status bar theme
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # set prefix to control-f | |
| set -g prefix C-f | |
| #unbind system defined prefix | |
| unbind C-b | |
| # helps in faster key repetition | |
| set -sg escape-time 0 | |
| # start session number from 1 rather than 0 |
vbratkev
/ iptables.example
Created
December 7, 2018 13:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| *nat | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 8 --packet 0 -j REDIRECT --to-ports 8087 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 7 --packet 0 -j REDIRECT --to-ports 8086 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 6 --packet 0 -j REDIRECT --to-ports 8085 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 5 --packet 0 -j REDIRECT --to-ports 8084 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 4 --packet 0 -j REDIRECT --to-ports 8083 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 3 --packet 0 -j REDIRECT --to-ports 8082 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -m statistic --mode nth --every 2 --packet 0 -j REDIRECT --to-ports 8081 | |
| -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 |
vbratkev
/ gist:87fa7d08d1114178173550dc5311acc8
Last active
January 16, 2019 15:07
— forked from roidelapluie/gist:8c67e9c8fb18b310a4a90cb92a23056b
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| groups: | |
| - name: datetime | |
| rules: | |
| - record: daily_saving_time_belgium | |
| expr: | | |
| (vector(0) and (month() < 3 or month() > 10)) | |
| or | |
| (vector(1) and (month() > 3 and month() < 10)) | |
| or | |
| ( |
vbratkev
/ user-data-consul-server.yml
Last active
March 11, 2019 12:45
— forked from bdclark/user-data-consul-server
CoreOS cloud-config to bootstrap consul cluster
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| coreos: | |
| etcd2: | |
| # generate a token from https://discovery.etcd.io/new?size=3 | |
| discovery: https://discovery.etcd.io/<token> | |
| advertise-client-urls: http://$private_ipv4:2379 | |
| initial-advertise-peer-urls: http://$private_ipv4:2380 | |
| listen-client-urls: http://0.0.0.0:2379 | |
| listen-peer-urls: http://$private_ipv4:2380 |
vbratkev
/ postgres_queries_and_commands.sql
Created
March 26, 2019 11:42
— forked from rgreenjr/postgres_queries_and_commands.sql
Useful PostgreSQL Queries and Commands
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- show running queries (pre 9.2) | |
| SELECT procpid, age(clock_timestamp(), query_start), usename, current_query | |
| FROM pg_stat_activity | |
| WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%' | |
| ORDER BY query_start desc; | |
| -- show running queries (9.2) | |
| SELECT pid, age(clock_timestamp(), query_start), usename, query | |
| FROM pg_stat_activity | |
| WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%' |
OlderNewer